Product Description
Version: B/1
Code: MN000001889
October 2014
Thank you for choosing our products.
Related Documentation
Document Description
CiTRANS R810A Series Mini Edge Router Hardware Description
Introduces the structure, functions, specifications, and technical parameters of the product's hardware components, including cabinets, subracks and cables.
Version
Version Description
A Initial version.
B Adds the relevant descriptions on the CiTRANS R810A-2A/2D series.
Intended Readers
• Commissioning engineers
• IP/MPLS technology
• Ethernet technology
Conventions
Terminology Conventions
Terminology Convention
Symbol Conventions
Symbol Meaning Description
→ Cascading menu: Connects multi-level menu options.
↔ Bidirectional service: The service signal is bidirectional.
→ Unidirectional service: The service signal is unidirectional.
Contents
Preface
Version
Conventions
1 Overview
2 Function
4.2 RIP
4.8 LDP
8.1.1 ACL
8.1.2 Traffic Policing
8.1.3 Attack Defense
9 Technical Specifications
9.6 Standard
The CiTRANS R810 Series mini edge router is an IP/MPLS router product of
FiberHome Telecommunication Technologies Co., Ltd. (FiberHome) designed for
edge access of a mobile backhaul network or multi-service MAN.
Brief Introduction
Product Feature
Product Positioning
Following the boom of IP-based telecom services, data service networks are
witnessing a change. IP services outpace TDM services on the transport network
and new services are flourishing, which challenges the data bearer capability of the
transport network.
The CiTRANS R810 series includes two categories: the CiTRANS R810A
equipment and the CiTRANS R810B equipment. The two categories are suited to
different installation environments.
As the indoor equipment, the CiTRANS R810A includes the sub-equipment such as
the CiTRANS R810A-1A/1D series and the CiTRANS R810A-2A/2D series.
As the outdoor equipment, the CiTRANS R810B includes the sub-equipment such
as the CiTRANS R810B-1A/1D.
Note:
With routing and switching as the core, the CiTRANS R810 Series router provides
operators with the Ethernet data service and E1 service to help them deliver full-
service access.
The CiTRANS R810 Series router is located at the access / edge layer of a mobile
backhaul network or multi-service MAN to connect to base stations and systems of
key accounts.
The main features of the CiTRANS R810 Series router are as follows:
• Service capability
  - Support for abundant VPN services. Support for L2VPN and L3VPN
    services such as VPLS and VPWS.
• QoS capability
• Carrier-class protection
  - PW redundancy protection.
  - IP FRR protection.
  - Support for system-level GR such as OSPF GR, IS-IS GR, BGP GR, and
    LDP GR.
• Security design
  - Supports allocation and management of user levels and rights and user
    access control.
Compared with SDH, the IP-based router has built-in statistical
multiplexing capability and provides connection-oriented, flexible bearer
tunnels with high efficiency, which greatly reduces the transmission cost per bit.
  - Provides routing protocols such as RIP, OSPF, IS-IS, BGP, and multicast
    routing protocols and provides the fast convergence function.
The CiTRANS R810 Series router is located at the access / edge layer of a multi-
service MAN or mobile backhaul network. It can work with CiTRANS R830E,
CiTRANS R820, CiTRANS R845, CiTRANS R860, and CiTRANS R865 to provide
network access from the edge layer to the distribution layer, forming an IP network
solution with a complete structure and clear hierarchy that meets the full-service
access requirements of operators.
The CiTRANS R810 Series router can connect to the FE / GE interface of a base
station to provide the base station with access and bearer services.
The CiTRANS R810 Series router uses MPLS to carry Ethernet mobile services and
provide mobile service functions such as QoS assurance, protection and restoration,
bearer network time and clock synchronization, and end-to-end service
configuration and management.
As Figure 1-1 shows, the CiTRANS R810 Series is located in the access layer. It is
connected with the upper-level router upwards, and accesses the client equipment
and the base station equipment downwards.
Interface Type
Protection Capability
The CiTRANS R810 Series router rests on the routing and switching core.
Table 2-1 describes its switching capability.
The following introduces the service type and processing capability of the CiTRANS
R810 Series router.
The CiTRANS R810 Series router provides L2VPN and L3VPN services, as shown
in Table 2-2.
Service Category: Service Type
L2VPN services: E-Line, E-LAN, E-Tree, E-CES (only applicable to CiTRANS R810A-2A/2D series)
The CiTRANS R810 Series router supports the Ethernet service and E1 service.
Table 2-3 shows the service types and processing capabilities supported by each
type of router.
Ethernet service: FE 8, GE 8
E1: 16 (only applicable to CiTRANS R810A-2A/2D series)
The CiTRANS R810 Series router provides external interfaces such as service
interfaces and management interfaces.
The CiTRANS R810 Series router provides abundant service interfaces, as shown
in Table 2-4.
Interface Type    Connector Type    Description
The CiTRANS R810 Series router provides the network-level protection and
network management information protection.
The CiTRANS R810 Series router provides a protection channel for network
management information. The NEs whose network management information should
be protected are connected to the data communication network (DCN) and to the
network management system host to establish the protection channel for the
network management information.
The CiTRANS R810 Series router uses the e-Fim OTNM2000 Element
Management System (hereinafter referred to as the OTNM2000). The OTNM2000 is
the subnet of the TMN (Telecommunication Management Network) and designed in
line with the OSI (Open Systems Interconnection) standard of ISO.
The CiTRANS R810 Series router supports logging in to the OTNM2000 via PPPoE.
The CiTRANS R810 Series router uses the OTNM2000 to perform unified
configuration management at the central office, with a large control scope, high
management efficiency, and low maintenance cost.
The CiTRANS R810 Series router uses the OTNM2000 to perform performance
management and alarm management and implements operations such as real-time
collection, prompt, browsing, filter, confirmation, clearing, and statistics collection
related to performance data and alarms, as well as alarm relevance analysis and
fault diagnosis.
The CiTRANS R810 Series router supports multiple DCN construction modes and
isolation of management communication networks and signaling communication
networks, and implements both in-band and out-of-band DCN network modes.
The CiTRANS R810 Series router supports the following interfaces of an in-band
DCN:
• GE interface
• FE interface
See Figure 2-1 for the in-band DCN network for the CiTRANS R810 Series router.
In an out-of-band DCN, channels other than service channels are used to transmit
network management information to implement network management.
In out-of-band DCN network mode, the network management center can set up a
DCN with the managed equipment in multiple modes. The out-of-band DCN network
mode supported by the CiTRANS R810 Series router is Ethernet mode.
See Figure 2-2 for the out-of-band DCN network for the CiTRANS R810 Series
router.
The CiTRANS R810 Series router provides features including remote upgrade and
power supply monitoring.
Remote login is one of the earliest services provided by the Internet, offering a
convenient way to control a computer at the remote end of the network. Remote
login is widely used for transport network maintenance, especially in large-scale
project start-up, equipment upgrade, and network monitoring and maintenance.
The CiTRANS R810 Series router allows you to use a computer to upgrade the
hardware FPGA and BMU software remotely, which facilitates engineering start-up
and maintenance and addresses future needs for system upgrade.
The CiTRANS R810 Series router provides a monitoring function for power supply
faults and alarms.
QoS Feature
OAM Feature
Clock Feature
VPN
The following introduces basic concepts of QoS and the QoS feature of the
CiTRANS R810 Series router.
QoS does not increase bandwidth, but it can be used to allocate and
monitor network resources properly to minimize network delay and jitter and ensure
the quality of key services.
• Jitter: the time deviation in the arrival of packets in a group transmitted via the
  same route.
The CiTRANS R810 Series router supports DiffServ. It completely implements PHB
defined in the standard on the network so that carriers can provide services of
differentiated QoS levels for users.
When forwarding data, the CiTRANS R810 Series router maps user priority and PW
layer priority carried in received packets to PHBs and maps PHBs in the transmitted
packets to the PW / LSP layer priority.
The CiTRANS R810 Series router can set PHBs for virtual service ports of L2VPNs
and L3VPNs, physical ports and logical ports. Users can either choose from the
existing mapping table for the PHB and PW priority level, or set a specific PHB
service level.
When network congestion occurs, the CiTRANS R810 Series router employs
certain queue buffering management policies to preferentially ensure the QoS of
services with high priorities.
The CiTRANS R810 Series router supports two types of queue buffering
management policies:
• Tail drop
  When the queue is filled to its maximum capacity, the newly arriving packets
  are dropped until the queue has enough room to accept inbound traffic.
• WRED
  - When the number of packets stored in the output buffer area does not
    exceed the threshold specified by Start, no packet is discarded.
  - When the number of packets stored in the output buffer area exceeds the
    threshold specified by End, all packets are discarded.
  - When the number of packets stored in the output buffer area is between
    Start and End, all packets face a probability of being dropped
    based on an average-queue-length function.
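The two buffering policies above, side by side, as an added example that is not FiberHome's implementation. The linear ramp between Start and End, the `max_p` ceiling, the EWMA `weight` and all names are assumptions; the page only says the probability is a function of average queue length.

```python
import random
from dataclasses import dataclass


@dataclass
class Wred:
    """WRED state for one output queue; thresholds are in packets."""
    start: int             # at or below this average depth nothing is dropped
    end: int               # above this average depth everything is dropped
    max_p: float = 0.1     # assumed drop probability reached at `end`
    weight: float = 0.25   # assumed EWMA weight for the average queue length
    avg: float = 0.0       # smoothed queue length

    def drop_probability(self) -> float:
        if self.avg <= self.start:
            return 0.0
        if self.avg > self.end:
            return 1.0
        # Assumed linear ramp between the two thresholds.
        return self.max_p * (self.avg - self.start) / (self.end - self.start)

    def on_arrival(self, queue_len: int, rng: random.Random) -> bool:
        """Fold the current depth into the average; True means drop."""
        self.avg += self.weight * (queue_len - self.avg)
        return rng.random() < self.drop_probability()


def tail_drop(queue_len: int, capacity: int) -> bool:
    """Drop only when the queue is already full."""
    return queue_len >= capacity


def simulate(arrivals_per_tick, ticks, drain_per_tick, capacity,
             wred=None, seed=1):
    """Feed a queue faster than it drains.

    Returns (packets dropped, queue depth at the first drop).
    """
    rng = random.Random(seed)
    depth = dropped = 0
    first_drop_depth = None
    for _ in range(ticks):
        for _ in range(arrivals_per_tick):
            drop = tail_drop(depth, capacity)
            if not drop and wred is not None:
                drop = wred.on_arrival(depth, rng)
            if drop:
                dropped += 1
                if first_drop_depth is None:
                    first_drop_depth = depth
            else:
                depth += 1
        depth = max(0, depth - drain_per_tick)
    return dropped, first_drop_depth


if __name__ == "__main__":
    # Constructed load: 3 packets arrive and 2 leave per tick, 64-packet buffer.
    print("tail drop:", simulate(3, 200, 2, 64))
    print("WRED     :", simulate(3, 200, 2, 64, Wred(start=20, end=40)))
```

With tail drop the first loss happens only when the buffer is full; with WRED losses begin while there is still headroom, which is what keeps the queue from saturating under sustained congestion.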
Queue Scheduling
When congestion occurs, the CiTRANS R810 Series router uses different queue
scheduling policies to guarantee the QoS of services with high priority.
The CiTRANS R810 Series router supports the following two queue scheduling
modes:
• SP queue scheduling
  Packets in queues are scheduled based on the queue priority. In this case,
  packets in a lower-priority queue are sent only when those in higher-priority
  queues are all sent.
Queues are fairly scheduled based on their weights assigned. Queues with
higher priority are assigned higher weights and therefore occupy more
bandwidth. Similarly, queues with lower priority are assigned lower weights and
therefore occupy less bandwidth.
The following introduces the OAM features that the CiTRANS R810 Series router
supports.
• Checks for network faults periodically and generates related maintenance and
  alarm information.
MPLS-TP OAM
MPLS-TP OAM can effectively detect and isolate defects in an MPLS-TP network
and monitor the network performance.
The equipment can trigger the protection switching using the detecting status of
OAM, so as to implement quick fault detection and service protection, and
guarantee the carrier-class QoS in the packet switched network.
The OAM mechanism of the MPLS-TP complies with the standard GACh+Y.1731. It
provides abundant service overhead, similar to the feature of the SDH network. It
also implements the functions of automatic network fault detection, protection
switching, performance monitoring and fault isolation for hierarchical network,
performing the OAM monitoring for each layer of the MPLS-TP.
BFD
BFD is a simple hello protocol that in many respects is similar to the detection
components of well-known routing protocols. A pair of systems transmit BFD
packets periodically over each path between the two systems, and if a system stops
receiving BFD packets for long enough, the path between the two systems is
assumed to have failed.
Compared to the OAM function of SDH, the traditional packet-based network
management and maintenance functions are relatively weak and cannot provide
end-to-end service management, fault detection and performance monitoring.
Building on the functions of a traditional IP router, the CiTRANS R810 Series
adds some MPLS advantages and provides a hierarchical OAM function.
The OAM function features of the CiTRANS R810 Series router are as follows:
• Provides the OAM function for daily maintenance, including loopback and
  locking, providing operators with more convenient maintenance operation
  methods for daily network checking. For example, the LT (Looptrace) / LB
  (LoopBack) function based on PW layer.
The CiTRANS R810 Series router supports MPLS-TP network layer OAM, which
provides the OAM management function on the client side and each network layer
of MPLS-TP, and also implements quick fault detection to trigger the protection
switching, providing carrier-class QoS in the routing switching network.
Table 3-1 lists the OAM standards supported by each network layer of the
CiTRANS R810 Series router.
The MPLS-TP OAM mechanism can effectively detect and isolate defects within the
MPLS-TP network and thereby monitor network performance.
BFD is a simple hello protocol that in many respects is similar to the detection
components of well-known routing protocols. A pair of systems transmit BFD
packets periodically over each path between the two systems, and if a system stops
receiving BFD packets for long enough, some component in that particular
bidirectional path to the neighboring system is assumed to have failed.
BFD sets up a session between two routers to monitor the bidirectional forwarding
path between the routers. A BFD session is established based on the needs of the
higher-layer protocol that will be making use of it. It is up to the higher-layer protocol
to determine the need for BFD and the addresses to use; there is no discovery
mechanism in BFD. A fault is declared if no BFD control message from the opposite end
is received within the detection time after the session is established. BFD then informs
the higher-layer protocol it serves so that the protocol can take the relevant action.
A system may take either an Active role or a Passive role in session initialization. At
least one system MUST take the Active role (possibly both).
• A system taking the Active role MUST send BFD Control messages for a
  particular session, regardless of whether it has received any BFD packets for
  that session.
• A system taking the Passive role MUST NOT begin sending BFD packets for a
  particular session until it has received a BFD packet for that session.
• Asynchronous mode: In this mode, the systems periodically send BFD Control
  packets to one another, and if a number of those packets in a row are not
  received by the other system, the session is declared to be down.
Note:
The CiTRANS R810 Series router supports only BFD sessions in the
asynchronous mode.
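A defender-side reading of the session mechanics above, as an added example that is not FiberHome's code: it parses the mandatory section of a BFD Control packet, derives the asynchronous-mode detection time, and finds when a run of arrivals lets that timer expire. The field layout and detection-time rule are taken from RFC 5880 (the published form of the draft-ietf-bfd-base series the page cites) and are an assumption about this product; the sample packet, timestamps and function names are constructed.

```python
import struct
from dataclasses import dataclass

STATES = ("AdminDown", "Down", "Init", "Up")


@dataclass(frozen=True)
class BfdControl:
    state: str
    auth_present: bool        # A bit: an authentication section follows
    detect_mult: int
    my_disc: int
    your_disc: int
    desired_min_tx_us: int
    required_min_rx_us: int


def parse_bfd_control(payload: bytes) -> BfdControl:
    """Parse and validate the 24-byte mandatory section (RFC 5880 layout)."""
    if len(payload) < 24:
        raise ValueError("truncated: mandatory section is 24 bytes")
    b0, b1, mult, length, my_disc, your_disc, tx, rx, _echo = struct.unpack(
        "!BBBBIIIII", payload[:24])
    auth = bool(b1 & 0x04)
    if b0 >> 5 != 1:
        raise ValueError("unsupported version")
    if length < (26 if auth else 24) or length > len(payload):
        raise ValueError("bad Length field")
    if mult == 0:
        raise ValueError("Detect Mult is zero")
    if b1 & 0x01:
        raise ValueError("Multipoint bit set")
    if my_disc == 0:
        raise ValueError("My Discriminator is zero")
    return BfdControl(STATES[b1 >> 6], auth, mult, my_disc, your_disc, tx, rx)


def detection_time_us(local_required_min_rx_us: int, pkt: BfdControl) -> int:
    """Asynchronous mode: the peer's Detect Mult times the agreed interval."""
    return pkt.detect_mult * max(local_required_min_rx_us,
                                 pkt.desired_min_tx_us)


def may_transmit(role: str, packets_received: int) -> bool:
    """Active systems always send; passive systems wait for the peer."""
    return role == "active" or packets_received > 0


def first_timeout(arrivals_us, detect_us, now_us):
    """Return when the detection timer expired, or None if still up."""
    last = None
    for t in arrivals_us:
        if last is not None and t - last > detect_us:
            return last + detect_us
        last = t
    if last is not None and now_us - last > detect_us:
        return last + detect_us
    return None


# Constructed packet: version 1, state Up, no auth, Detect Mult 3,
# discriminators 0x11/0x22, 50 ms desired TX and required RX intervals.
SAMPLE = struct.pack("!BBBBIIIII", 0x20, 0xC0, 3, 24,
                     0x11, 0x22, 50_000, 50_000, 0)

if __name__ == "__main__":
    pkt = parse_bfd_control(SAMPLE)
    detect = detection_time_us(50_000, pkt)
    print(pkt.state, "authenticated" if pkt.auth_present else "unauthenticated")
    print("detection time (us):", detect)
    # Constructed arrivals: the peer goes quiet after 100 ms.
    print("declared down at (us):",
          first_timeout([0, 50_000, 100_000, 400_000], detect, 450_000))
```

A session whose packets parse with `auth_present` false is relying on the path alone for integrity, which is worth recording when auditing which protocols BFD is allowed to take down.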
BFD Application
The CiTRANS R810 Series router supports the following BFD applications:
• BFD for PW
Reference
Number Title
draft-ietf-bfd-base-08 Bidirectional Forwarding Detection
Note:
The CiTRANS R810B has no external clock interface or external time
interface.
The CiTRANS R810 Series router can extract clock information from the following
links:
• FE interface
The CiTRANS R810A router supports input and output of external clocks. It may
use 75Ω or 120Ω clock interfaces to provide stratum-3 2048 kHz or 2048 kbit/s (HDB3)
clock sources.
The CiTRANS R810 Series router may work in locked, holdover, or free running
clock mode, and can process and transmit SSMs.
The CiTRANS R810 Series router supports the following features of 1588v2:
• Supports two clock modes. Each station can be configured to work in the desired
  mode.
• Time synchronization indicates that the internal clock and time of a device are
  controlled based on the received time. Time synchronization controls both clock
  frequency and phase and represents clock phase with a value, that is, time of
  the day (ToD).
• Digital watches 1 and 2 maintain time consistency at every moment. This status
  is called time synchronization.
• Digital watches 1 and 2 maintain a constant time difference, for example, one
  hour. This status is called clock synchronization.
Note:
The consistency of time difference between Digital watches 1 and 2
cannot be maintained if Digital watches 1 and 2 have different
frequencies. Therefore, clock synchronization is the prerequisite for time
synchronization.
• The PHY chip of the equipment (node B) at the Rx end extracts the clock from
  the data code stream without deteriorating the clock precision, ensuring precise
  clock synchronization with the source end.
Synchronous Ethernet technology is mature, easy to implement, and hardly
affected by network damage. Its clock synchronization quality approximates
that of SDH, and its architecture is similar to that of the SDH solution. It is
applicable to network frequency synchronization.
The basic function of IEEE 1588v2 is to keep the other clocks in a distributed
network synchronized with the most precise clock. IEEE 1588v2 defines a PTP that
can synchronize the clocks of sensors, actuators, and other terminal devices in
Ethernet or other distributed bus systems at sub-microsecond level using multicast.
In IEEE 1588, four types of packets, that is, Sync, Follow_Up, Delay_Req, and
Delay_Resp, are used for time alignment and delay compensation.
When (1) and (2) are added, the following formula is obtained:
$T_{Delay(m \to s)} + T_{Delay(s \to m)} = (t_2 - t_1) + (t_4 - t_3)$
Assume that $T_{Delay(m \to s)} = T_{Delay(s \to m)} = T_{Delay}$. The formula for calculating the latency
on the master and slave ports is as follows:
The master and slave ports send PTP packets continuously. The slave port
synchronizes its time with TDelay so that its time is synchronous with that of the
master port.
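The delay request-response arithmetic that the four timestamps feed, as an added example rather than code from the product documentation; the `Exchange` type, function names and sample timestamps are constructed. It also shows that when the two directions are not equally delayed the computed offset is wrong by half the asymmetry, and gives a simple monitoring check that flags a step change in measured path delay.

```python
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Exchange:
    t1: int  # master sends Sync (master clock, ns)
    t2: int  # slave receives Sync (slave clock, ns)
    t3: int  # slave sends Delay_Req (slave clock, ns)
    t4: int  # master receives Delay_Req (master clock, ns)


def mean_path_delay(x: Exchange) -> float:
    """One-way delay under the assumption that both directions are equal."""
    return ((x.t2 - x.t1) + (x.t4 - x.t3)) / 2


def offset_from_master(x: Exchange) -> float:
    """Amount the slave clock is ahead of the master, same assumption."""
    return ((x.t2 - x.t1) - (x.t4 - x.t3)) / 2


def make_exchange(t1, true_offset, d_ms, d_sm, turnaround=1000) -> Exchange:
    """Build constructed timestamps for a known offset and per-direction delay."""
    t2 = t1 + d_ms + true_offset      # arrival read on the slave clock
    t3 = t2 + turnaround              # slave replies a little later
    t4 = t3 - true_offset + d_sm      # arrival read on the master clock
    return Exchange(t1, t2, t3, t4)


def delay_jumps(exchanges, window=4, tolerance_ns=100):
    """Indices whose mean path delay departs from the recent median.

    The four timestamps cannot reveal asymmetry by themselves, but a sudden
    change in measured delay on a fixed path is observable and worth alarming.
    """
    flagged, history = [], []
    for i, x in enumerate(exchanges):
        d = mean_path_delay(x)
        if len(history) >= window and \
                abs(d - median(history[-window:])) > tolerance_ns:
            flagged.append(i)         # keep outliers out of the baseline
        else:
            history.append(d)
    return flagged


if __name__ == "__main__":
    # Symmetric path: 2000 ns each way, slave really 500 ns ahead.
    sym = make_exchange(0, 500, 2000, 2000)
    print("symmetric :", mean_path_delay(sym), offset_from_master(sym))

    # Master-to-slave direction 600 ns slower: offset is off by 300 ns.
    asym = make_exchange(0, 500, 2600, 2000)
    print("asymmetric:", mean_path_delay(asym), offset_from_master(asym))

    series = [make_exchange(i * 1_000_000, 500, 2000, 2000) for i in range(5)]
    series.append(make_exchange(5_000_000, 500, 2600, 2000))
    print("flagged exchanges:", delay_jumps(series))
```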
The following introduces the internal clock unit and clock and time synchronization
capabilities of the equipment.
The internal clock unit of the CiTRANS R810 Series router provides a system
clock.
The clock unit meets the requirements defined by the ITU-T G.8261 standard for
SyncE. It can provide SyncE devices with a system clock that meets G.8262
specifications, and accepts multiple timing reference sources. The CiTRANS
R810A provides a stratum-3 clock externally, so that the equipment is
adaptable to different networking environments.
• Provides stable frame alignment pulse and multiframe alignment pulse for
  system clock.
• The CiTRANS R810A provides a 2048 kHz or 2048 kbit/s (HDB3) stratum-3
  clock source externally.
Clock signals of the CiTRANS R810A are synchronized in in-band mode (via the IEEE
1588 interface) or out-of-band mode (via the 1PPS&TOD interface). The clock signals of
the CiTRANS R810B are synchronized only in the in-band mode (via the IEEE 1588
interface). Specifications of the two modes are as follows:
  - TOD information: The default baud rate is 9600 without parity check. There
    is one start bit (shown in low level) and one stop bit (shown in high level).
    Idle frames are high level and contain eight data bits each. The TOD
    information transmission starts 1 ms after the rising edge of the 1PPS
    and completes within 500 ms, and the TOD information labels the rise time
    of the current 1PPS. The transmitting frequency of the TOD protocol
    message is once per second.
  - 1PPS: The rising edge is used as the on-time edge. The rise time is less
    than 50 ns. The pulse width is about 180 ms.
The clock synchronization signal design of the CiTRANS R810 Series router
complies with the standards and specifications listed in Table 3-3.
Number Title
IEEE 1588-2008 Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems
3GPP TR 25.836 (applicable only to CiTRANS R810A) NodeB synchronization for TDD
3.3.4 Reference
The following introduces the reference standards for time and clock synchronization
of the CiTRANS R810 Series router.
For details about time and clock synchronization, see the standards listed in
Table 3-4.
Number Title
IEEE 1588v2 Standard for A Precision Clock Synchronization Protocol for Networked Measurement and Control Systems
G.823 The control of jitter and wander within digital networks which are based on the 2048 kbit/s hierarchy
3.4 VPN
The following introduces the basic concept of the VPN and the VPN features
supported by the CiTRANS R810 Series router.
The following describes the background and basic features of the VPN.
3.4.1.1 Background
• Virtual: Users on a VPN communicate with each other on the public network,
  which is also used by non-VPN users. The VPN is a logical private network.
  This public network is called the VPN backbone network.
The existing IP network can be divided into logically isolated networks based on
these features. This type of logically isolated network (VPN) can be widely used. A
logically isolated network can be used for internal interconnection within an
enterprise or between departments. It can also be used to provide new services. For
example, a VPN can be assigned for the IP telephony service to address problems
such as IP address shortage, QoS guarantee, and new value-added service
provisioning.
3.4.2.1 L2VPN
VPWS
The VPWS is an emulated leased line service. It uses the IP network to emulate
leased lines and provides asymmetric and low-cost DDN services. For users at the
two ends of a virtual leased line, the virtual leased line resembles a traditional
leased line.
VPWS is compatible with traditional private networks such as the ATM and FR.
Carriers can have their traditional private networks upgraded to VPWS smoothly.
VPLS
In VPLS, LANs are interconnected over virtual private network segments. It is the
extension of LANs on IP public networks.
VPLS is also called the transparent LAN service. Unlike the point-to-point service of
common L2VPNs, VPLS enables SPs to provide Ethernet-based multipoint services
over the MPLS backbone network.
On the VPLS backbone network, full-mesh connection and split horizon are used
to eliminate loops. Unknown unicast and multicast frames may be discarded, locally
processed, or broadcast. VPLS extends the application of VLANs across the world.
The CiTRANS R810 Series router supports the hierarchical VPLS. In a VPLS
network, full-mesh LSP tunnels (N x (N-1)/2) need to be established between N PE
routers in each VPLS instance, which generates large amounts of signaling
overhead. In addition, PE routers need to replicate packets for every PW. As a result,
routers are heavily loaded. Hierarchical VPLS is a solution to this problem.
Because of the hierarchical VPLS, the VPLS network is divided into two layers: core
layer and access layer. As shown in Figure 3-5, NPEs at the core layer are fully
connected, and UPEs virtually connect to only the closest NPE for service switching
with peer sites. The hierarchical VPLS reduces the number of virtual connections
and improves the scalability of a network.
MS-PW
The CiTRANS R810 Series router supports the MS-PW technology. With MS-PW,
two PEs establish an end-to-end PW through an S-PE, which divides the PW
into multiple dynamic or static segments. These PW segments work together to
provide end-to-end connectivity, troubleshooting, and maintenance.
3.4.2.2 L3VPN
L3VPN is also called virtual private routing network (VPRN). L3VPN differs from
other types of VPNs in that VPRN packets are forwarded at the network layer. The
VPN node on the public network needs to establish a dedicated routing and
forwarding table for each VPN. The routing and forwarding table contains routing
information about the network layer. Data flows are forwarded between the VPN
node on the public network and user sites based on the dedicated routing and
forwarding table.
The CiTRANS R810 Series router supports the L2/L3 bridge service and terminates
L2 VCs within a network. In addition, it classifies VCs by IP address segment,
converges VCs on each segment, and forwards them in static L3VPN mode. The
L2/L3 bridge technology helps construct an LTE backhaul network where L2VPN
and L3VPN are mixed.
3.4.3 Reference
The following introduces the reference standards of the CiTRANS R810 Series
router's VPN function.
Number Title
RFC 3985 Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture
RFC 4762 Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling
RFC 4905 Encapsulation Methods for Transport of Layer 2 Frames Over MPLS
draft-kompella-ppvpn-l2vpn-04 Layer 2 VPNs Over Tunnels
The EMC / EMI standards of the CiTRANS R810 Series router are shown in
Table 3-6.
Number Title
ETSI EN 300 386 Electromagnetic compatibility and Radio spectrum Matters (ERM); Telecommunication network equipment; Electromagnetic Compatibility (EMC) requirements
CISPR 24 Information technology equipment - Immunity characteristics - Limits and methods of measurement
ITU-T K.20 Resistibility of telecommunication equipment installed in a telecommunications centre to overvoltages and overcurrents
The applicable safety standards of the CiTRANS R810 Series router are shown in
Table 3-7.
Number Title
EN 60825-1 Safety of laser products - Part 1: Equipment classification and requirements
The CiTRANS R810 Series router supports a wide range of routing protocols to
meet different network requirements. The following introduces these routing
protocols including RIP, OSPF, IS-IS, and BGP.
Overview
RIP
OSPF
IS-IS Protocol
BGP-4 Protocol
RSVP
LDP
4.1 Overview
The CiTRANS R810 Series router supports the following routing protocols and
functions:
4.2 RIP
Basic Concept
The distance to the destination is measured by the number of hops to the
destination. In RIP, the hop count from a router to a directly connected
network is 0. The hop count from a router to another network through a
directly connected router is 1, and so on. In RIP, the hop count
is an integer ranging from 0 to 15 to limit the route convergence time. If the
hop count is greater than or equal to 16, the destination network or host is
unreachable.
RIP supports split horizon and poison reverse to enhance performance and prevent
route loops.
Reference
Number Title
RFC 2082 RIP-2 MD5 Authentication
RFC 2453 RIP Version 2
4.3 OSPF
Basic Concept
OSPF is an IGP defined by the IETF. It is one of the most commonly used routing
protocols.
There are two OSPF versions: OSPFv1 (RFC 1131) and OSPFv2 (RFC 2328).
OSPF uses the link state route selection technology and the SPF algorithm. Routers
exchange information about direct links and links to other routers. Each OSPF
router maintains the same database that describes the topology of the autonomous
system (AS). Each OSPF router constructs an SPT (shortest path tree) to calculate
the routing table based on the database.
When the topology changes, OSPF quickly recalculates routes and only a small
amount of routing protocol traffic is generated. Identity authentication is required for
exchanging route selection protocols.
• The Hello protocol checks whether links are available and specifies the DR
  (designated router) and BDR (backup designated router).
• The switching protocol specifies the master and slave routers and enables the
  routers to exchange the information in their respective routing database.
• Triggers route convergence in a very short time to avoid routing loops and
  therefore applies to mesh networks and LANs that are connected using
  bridges.
Protocol Algorithm
The core of OSPF is SPF. OSPF generates the minimum spanning tree using the
Dijkstra algorithm.
1. Each router advertises its LSA that describes its own link state information.
3. Each router calculates the minimum spanning tree based on the link costs, with
itself as the root node.
4. Each router obtains the route entries based on the minimum spanning tree and
stores them in the routing table.
Packet Structure
• Hello packet
  - These Hello packets are sent periodically by the router running OSPF
    in order to establish and maintain neighbor relationships and elect the DRs
    and BDRs.
Typical Application
Figure 4-2 shows a typical AS established over OSPF. The AS is divided into three
areas, which are respectively numbered 0, 1, and 2. The internal router maintains
an LSDB about links between routers within this area. The area border router
maintains the LSDBs of the connected areas and sends LSA-Update messages
between the two areas. The autonomous system boundary router exchanges
routing information with routers belonging to other Autonomous Systems.
Reference
Number Title
RFC 2328 OSPF Version 2
RFC 3623 Graceful OSPF Restart
RFC 4577 OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)
To suit a large-size routing network, IS-IS uses a two-layer structure in the routing
domain. A routing domain is partitioned into areas. Routes within an area are
managed by a level-1 router, and routes between areas are managed by a level-2
router. A router is uniquely identified by a system ID. Routers with the same area ID
belong to the same area. If a router belongs to multiple areas, it may have different
area IDs but the same system ID.
• Level-1 router
• Level-2 router
• Level-1-2 router
  A level-1-2 router is both a level-1 router and a level-2 router. Each area has at
  least one level-1-2 router. An area connects to the backbone network through
  the level-1-2 router. A level-1-2 router maintains two LSDBs: a level-1 LSDB for
  intra-area routing and a level-2 LSDB for inter-area routing.
Packet Structure
IS-IS packets are directly encapsulated into frames at the data link layer. The IS-IS
packets include:
• Hello packet
• LSP
  LSPs are used to exchange link state information. LSPs are classified into
  Level-1 LSPs and Level-2 LSPs. Level-1 LSPs are transmitted by level-1
  routers and level-2 LSPs are transmitted by level-2 routers. A level-1-2 router
  can transmit both sorts of LSPs.
• SNP
  An SNP is used to acknowledge the latest LSP received by a router from its
  neighbor. SNPs include CSNPs and PSNPs, which are further classified into
  Level-1 CSNPs, Level-2 CSNPs, Level-1 PSNPs, and Level-2 PSNPs.
  - A partial sequence number packet lists the most recent sequence number
    of one or more LSPs. A partial sequence number packet may
    acknowledge multiple LSPs at once. When a router finds that its LSDB is
    not synchronized with that of its neighbor, a PSNP may act as a request for
    information.
  - A CSNP contains the summary information about all LSPs in an LSDB and
    therefore can be sent to synchronize LSDBs between neighboring routers.
    On a broadcast network, the DIS periodically sends CSNPs at 10-second
    intervals by default. On a P2P channel, a CSNP is sent only when a link
    first comes up.
Typical Application
Figure 4-3 shows an AS established over IS-IS. The AS is divided into four parts.
NEs within an AS and in different ASs communicate with each other over dynamic
routing protocols. Routes within an area are managed by a level-1 router, and routes
between areas are managed by a level-2 router. A router is uniquely identified by a
system ID.
Reference
Number Title
RFC 1195 Use of OSI IS-IS for Routing in TCP/IP and Dual Environments
BGP is an exterior gateway protocol. The ISO defines BGP to maintain the
individual interests of ISPs. BGP is short for Border Gateway Protocol and is
responsible for routing and forwarding among ISPs. Different from IGPs such as
OSPF and RIP, which focus on discovering and calculating routes, BGP focuses on
controlling route transmission and optimal route selection. The three earliest
BGP versions are BGP-1 (RFC1105), BGP-2 (RFC1163), and BGP-3
(RFC1267). The currently used version is BGP-4 (RFC4271).
• Supports CIDR.
Protocol packet
BGP ECMP
The CiTRANS R810 Series router supports BGP ECMP in load balancing. When
there are multiple links destined for the same address, BGP-enabled routers
calculate multiple routing entries and add them to the routing table. If a path fails
due to failure of a neighboring node, BGP ECMP allows data to be fast switched to
another path.
The CiTRANS R810 Series router supports the BGP next-hop separation and
separates the VPN routing table according to the far-end next hop of the VPN router.
The original VPN routing table is divided into the remote next hop and direct routes
of the remote next hop, which reduces route iteration and accelerates route
convergence.
Use of BGP
• When there are multiple routes, the BGP speaker uses the most preferred one.
• The BGP speaker advertises to its peers only those routes that it uses itself.
• The BGP speaker does not advertise the routes learned from IBGPs to its
IBGP peers to avoid intra-domain routes.
• The BGP speaker determines whether to advertise the routes learned from
IBGPs to its EBGP peers based on the synchronization conditions between
IGP and BGP.
• After establishing a connection with a new peer, the BGP speaker advertises
all its BGP routes to the peer.
Typical Application
As shown in Figure 4-4, BGP is an IBGP when running within an AS, and is an
EBGP when running between ASs.
Reference
Number Title
RFC 1997 BGP Communities Attribute
RFC 1998 An Application of the BGP Community Attribute in Multi-home Routing
RFC 4271 A Border Gateway Protocol 4 (BGP-4)
RFC 4456 BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP)
The IETF adapted RIP for IPv6 networks as RIPng, which inherits the
advantages of RIP. RIPng provides routing functions on IPv6 networks
and is an important routing technology for IPv6 networks.
RIPng resembles RIP in the working mechanism. Compared with RIP, RIPng has
the following differences:
• Packet
• Security authentication
RIP can run on both IP and IPX networks whereas RIPng can run only on IPv6
networks.
OSPFv3
The IETF adapted OSPFv2 for IPv6 networks as OSPFv3, which inherits the
advantages of OSPFv2. OSPFv3 provides routing functions on IPv6
networks and is a mainstream routing technology for IPv6 networks.
OSPFv3 is improved so that it can run on IPv6 networks and guide IPv6 packet
forwarding. In this way, OSPFv3 can run independent of network-layer protocols. It
can be compatible with various protocols after being customized, which enhances
the scalability of OSPFv3.
IS-IS provides high scalability. It can discover and generate IPv6 routes to support
IPv6 network-layer protocols. The IS-IS protocol that supports IPv6 is also called the
IS-ISv6 dynamic routing protocol.
IS-ISv6 can process IPv6 routing information. Compared with IS-IS, IS-ISv6 has the
following differences:
• Adds CLVs.
• Extends Hello packets for supporting IPv6 routing and establishes IPv6
adjacencies.
◦ Adds an 8-bit NLPID whose value is 0x81 in the CLV supporting protocols to
indicate that the current router supports IS-ISv6.
◦ Adds an IPv6 interface address CLV that enables IS-ISv6 in Hello packets,
in which the Interface Address field is set to a local IPv6 link address of the
interface where IS-ISv6 is enabled.
BGP4+
The IETF defines extensions to BGP4+ to enable it to carry routing information for
multiple Network Layer protocols. The related standard for the extensions is
RFC2858 MP-BGP (Multiprotocol Extensions for BGP4+).
The extensions are backward compatible - a router that supports the extensions can
interoperate with a router that doesn't support the extensions.
Reference
Number Title
RFC 2080 RIPng for IPv6
RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing
4.7 RSVP
Basic Concept
RSVP is a signaling protocol that runs at the network layer. It allows any router to
establish a reserved-bandwidth path. It ensures the QoS (Quality of Service) for
data flows on a network. Dynamic tunnels are established over RSVP.
• Supports priority setting. Different priorities can be set for requests. When
network resources are insufficient, resource requests with higher priority can
preempt the resources reserved for resource requests with lower priority.
Reference
Number Title
RFC 2205 Resource ReSerVation Protocol (RSVP)
4.8 LDP
Basic Concept
As a control protocol in MPLS, the LDP classifies FECs, distributes labels, transmits
label distribution results, and establishes and maintains LSPs. Dynamic tunnels and
VCs are established over LDP.
LDP defines the messages required during label distribution and related processing
processes. It is mainly used by LSRs to negotiate label distribution and establish
LSPs. LSRs combine the inbound label, next-hop node, and outbound label that
map a specific FEC to form an LSP that crosses the entire MPLS domain.
Reference
Number Title
RFC 3035 MPLS using LDP and ATM VC Switching
The following introduces the product architecture of the CiTRANS R810 Series from
the aspects of the logical architecture, hardware architecture, and software
architecture of the system.
Logical Structure
Software Architecture
The CiTRANS R810 Series router's system structure consists of the management
plane, control plane, forwarding plane, and equipment functional modules.
Figure 5-1 shows each functional module.
Forwarding Plane
Management Plane
Control Plane
The control plane processes routing protocols and MPLS and generates routing
tables, IP forwarding tables, and label forwarding tables.
Protection Module
• PW redundancy protection.
• FRR protection.
OAM Module
• BFD protocol.
Clock Module
The following introduces the code, appearance, front panel and technical
specifications of the CiTRANS R810A-1A/1D.
5.2.1 Code
The code of the clock and cross-connect routing unit used by the CiTRANS R810A-
1A/1D is 2201430.
The dimensions (height × width × depth, mm) of the CiTRANS R810A-1A/1D are
43.5×230×236, and its appearance is as shown in Figure 5-2 and Figure 5-3.
The following introduces the code, appearance, front panel and technical
specifications of the CiTRANS R810B-1A/1D.
5.3.1 Code
The code of the clock and cross-connect routing unit used by the CiTRANS R810B-
1A/1D is 2201431.
The dimensions (height × width × depth, mm) of the CiTRANS R810B-1A/1D are
356×289×120, and its appearance is as shown in Figure 5-4.
The following introduces the code and appearance of the CiTRANS R810A-2A/2D
series.
5.4.1 Code
The code of the clock and cross-connect routing unit used by the CiTRANS R810A-
2A/2D series is 2069306.
The dimensions (height × width × depth, mm) of the CiTRANS R810A-2A/2D series
are 43.5×360×225, and the appearances of AC type and DC type are as shown in
Figure 5-5 and Figure 5-6.
The CiTRANS R810A-2A/2D series can be installed on the desktop, wall or in other
equipment cabinet.
5.5.1 Overview
The CiTRANS R810 Series router uses a modularized software architecture and
consists of the BMU, NMU, and OTNM2000.
The software components run on functional cards and the network management
system host respectively to complete configuration, management, and monitoring of
the equipment. The system software architecture is shown in Figure 5-7.
The communication protocols and interfaces between the software modules of the
CiTRANS R810 Series router are described as follows:
◦ The OTNM2000 interconnects with the NMU through the Q interface over
a private protocol of FiberHome.
• NEs (EMUs) communicate with each other over the ESC, which is a physical
channel. The applicable communication protocol is IP.
The BMU directly controls all functional circuits and supports the NMU in card
management. The BMU has the following functions:
The NMU runs in an embedded real-time multi-task operating system. The NMU
manages all cards of NEs through a unified Ethernet bus based on the manager/
agent model. The functions of modules in the NMU are as follows:
The management / agent application module includes the manager (M) and
agent (A). At the NE layer, an NE may be designated as agent (A) or manager/
agent (M/A) (providing management functions).
• Data collection module: collects the real-time status, alarms and performance
events of managed objects.
• Data processing module: analyzes and processes data and provides fault
management, performance management, configuration management, and
security management for the GUI management module.
The following introduces the types of services provided by the CiTRANS R810
Series router and the network application for each type of service. It covers the
following topics:
Ethernet Service
CES Service
Network Capability
The CiTRANS R810 Series router supports multiple types of Ethernet services and
provides complete L2VPN / L3VPN solutions.
The CiTRANS R810 Series router provides three types of the L2VPN service.
The CiTRANS R810 Series router also supports multiple L3VPN network modes.
The following introduces the basic network of three L2VPN services provided by the
CiTRANS R810 Series router and the L3VPN basic network with examples.
Figure 6-1 shows an example of the E-Line service provided by the CiTRANS R810
Series router.
Company X has two branches in cities A and C, company Y has two branches in
cities B and C, and company Z has two branches in cities A and B. The branches of
each of the three companies need to exchange data.
The CiTRANS R810 Series router can provide the private line service for three
companies. Service data of different companies are distinguished using different
VPWS tags, so that the requirements for communication and service data
separation can be met at the same time.
Figure 6-2 shows an example of the E-LAN service provided by the CiTRANS R810
Series router.
The CiTRANS R810 Series router is deployed to provide the E-LAN service for
company K. Service data of different branches are labeled with different VPLS tags.
In this way, data can be shared within a branch whereas data of different branches
is isolated. The Internet access data of the headquarters is isolated from the internal
service data through VPLS.
Figure 6-3 shows an example of the E-Tree service provided by the CiTRANS R810
Series router. The E-Tree service is a type of multipoint-to-point bidirectional
convergence service.
In the example, a 3G network is constructed for a carrier and services of key clients
need to be aggregated and transmitted to the 3G core network. The FE services of
key clients are accessed on nodes 1, 3, 5, and 9. Multiple services between key
clients and the RNC are aggregated to the 3G core network through the E-Tree
service.
Figure 6-4 shows the basic network for Ethernet L3VPN. Users in the same VPN
can communicate with each other but users in different VPNs cannot communicate
with each other.
Figure 6-5 shows the application scenario of the CiTRANS R810 Series router in the
network. It is generally used at the access/edge node of packet MAN to bear the
unified transmission of IP-based multi-service.
With the CES (Circuit Emulation Service) technology, the TDM circuit switched data
can be transparently transmitted in the packet transport network. The CiTRANS
R810A-2A/2D series supports emulation and transparent transmission of 16 E1
services.
• Can identify and process the frame structure and transmit signaling in CES
frames.
• Can identify frame structure of CES service. It may not transmit idle timeslot
channels, but only extracts useful timeslots of CE devices from the E1 traffic
stream and then encapsulates them into PW packets for transmission.
• Segments all CES services as bit streams and encapsulates them for
transmission over a PW tunnel.
• Can transparently transmit CES traffic data and synchronous timing information.
SAToP completely disregards any structure, and PEs have no need to interpret
the CES data or to participate in the CES signaling.
In system clock recovery, the Tx end that generates CES signals and the Rx end
that extracts CES signals use the same network reference clock as the
synchronization signal source. Figure 6-6 shows the work principle of system clock
recovery.
In differential clock recovery, the service Rx and Tx ends have the same public
timing reference signal. The Tx end packetizes the synchronization signal on the
service side and transmits the signal to the Rx end over the packet switched
network. The Rx end then recovers the synchronization signal based on the public
timing reference signal available on the Rx end. Figure 6-7 shows the working
principle of differential clock recovery.
The CiTRANS R810A-2A/2D series implements CES services using the PWE3
technology.
CES services are mainly applied in radio services and enterprise private line
services. The CiTRANS R810A-2A/2D is connected to the 2G / 3G station or
enterprise private line through E1. The CiTRANS R810A-2A/2D series then slices
TDM signals and encapsulates them into data packets. The packets are forwarded
via the PW to the peer end over the MAN, which serves as the transport network.
See Figure 6-9.
The CiTRANS R810 Series router is applicable to the access/edge layer of the MAN
/ LAN and forms a PTN (packet transport network) with packet equipment at the
distribution layer and core layer. It integrates the packet processing and optical
transport capabilities and provides service interfaces such as FE, GE and E1 (for
the CiTRANS R810A-2A/2D series only). It helps build a new-generation BTS-
oriented and full-service metropolitan area transport network, which is applicable for
the IP-based service development for carriers and provides the following services:
• Provides base station data backhaul for 2G, 3G and future LTE networks.
• Provides stable bearing of voice, data and video services for key enterprise
users.
Below are types of Ethernet services supported by the CiTRANS R810 Series router.
• E-Line Service
• E-LAN Service
• E-Tree Service
Table 6-1 shows the application scenarios of the Ethernet service provided by the
CiTRANS R810 Series router.
Item Description
Network interface type GE GE GE
Figure 6-10 shows the typical network of the CiTRANS R810 Series router in the E-
Line service.
Figure 6-10 Typical Network of the CiTRANS R810 Series in the E-Line Service
Figure 6-11 shows the typical network of the CiTRANS R810 Series router in the E-
LAN service.
Figure 6-11 Typical Network of the CiTRANS R810 Series in the E-LAN Service
Figure 6-12 shows the typical network of the CiTRANS R810 Series router in the E-
Tree service.
Figure 6-12 Typical Network of the CiTRANS R810 Series in the E-Tree Service
See Table 6-2 for the application scenario of the CiTRANS R810A-2A/2D series in
CES service.
Item Description
Service Type E1
Network interface type E1
Service scenario The E1 emulates the CES.
See Figure 6-13 for the typical network of the CiTRANS R810A-2A/2D series in the
CES service.
Figure 6-13 Typical Network of the CiTRANS R810A-2A/2D Series in the CES Service
MPLS L3VPN is also called BGP / MPLS VPN. The CiTRANS R810 Series router
supports the following L3VPN network modes:
Table 6-3 shows the application scenarios of the CiTRANS R810 Series router in
L3VPN service.
Item Description
Network mode Point-to-point Point-to-multipoint Hub-Spoke
Network interface type GE, FE GE, FE GE, FE
Figure 6-14 shows the basic network for Ethernet L3VPN. Users in the same VPN
can communicate with each other but users in different VPNs cannot communicate
with each other.
Figure 6-15 shows the point-to-multipoint network for Ethernet L3VPN. This network
mode has the following features:
• Users in the same VPN can communicate with each other. Users in different
VPNs cannot communicate with each other.
Figure 6-16 shows the network for L3VPN Hub-Spoke. After central access control
devices are configured, the monitoring and filtering functions for the devices
accessing each other at both ends of a VPN can be implemented.
As shown in Figure 6-17, the L2VPN service in the access and distribution network
is connected with the L3VPN routing and forwarding service in the MAN IP
backbone network by the L2/L3 bridge technology. This presents an inevitable
evolution to the IP-based network.
The L2/L3 hybrid networking provides the overall and complete service guarantee
capability, configures PW redundancy protection and LSP1:1 protection for the
L2VPN service and configures VPN FRR protection for the L3VPN service. The L2/
L3 hybrid network implements the service fast switching using the BFD fault
detection mechanism.
PWE3 technology has recently matured. The related drafts have been
standardized as formal RFC documents one after another and are widely
applied in carrier networks. The MS-PW network addresses the simplicity and
lack of flexibility of the current PWE3 network mode. Multi-Segment
Pseudo-Wires are set up between two CiTRANS R810 Series routers by the MS-
PW technology, so as to cross networks of different types and implement correct
routing and forwarding among equipment in networks of different types.
As shown in Figure 6-18, Tunnels of different signaling are connected via the
switching PE to complete the network deployment. The switching PE supports
multiple Tunnel connections which include the dynamic RSVP Tunnel and static
MPLS Tunnel.
The CiTRANS R810 Series router supports the hierarchical VPLS network. As
shown in Figure 6-19, Company X and Y have multiple branches and need to set up
enterprise network for branches. The hierarchical VPLS networking can implement
the interconnection of enterprise networks in different places. The hierarchical VPLS
networking saves the signaling overhead in the network and enhances the
scalability of the VPLS network deployment.
The CiTRANS R810 Series router provides abundant protection functions to ensure
normal service operation. The following introduces the protection mechanisms of
the CiTRANS R810 Series router and includes these contents:
Network-Level Protection
Introduction
The 1:1 protection for tunnels is used to protect services in the LSP tunnel so that
services are not interrupted when the LSP is interrupted and the system
performance can be ensured.
Protection Principle
In the 1:1 protection for tunnels, the standby Tunnel is used to protect services
transmitted over the active Tunnel. The service is dual-fed and single-received.
Under normal condition services are transmitted over the active Tunnel. When the
active Tunnel is faulty, services are switched over to the standby Tunnel, so as to
ensure the normal service transmission.
APS used for 1:1 protection for tunnels is transmitted in the standby tunnel. The
equipment on both ends of the tunnel decide whether to switch services based on
the protocol status and switching status.
Note:
The 1:1 protection for tunnels is configured only on Node A and Node B
to protect the services transmitted between them, without caring about
service paths.
Figure 7-1 shows the protection principle of 1:1 protection for tunnels.
Note:
Protection Parameter
Item Description
Introduction
PW redundancy protection is similar to the 1:1 protection for tunnels, except that the
former protects PWs based on BFD for PW and the latter protects
tunnels based on BFD for Tunnel.
Protection Principle
1. After detecting faults in the working path, the sink NE performs a switching
promptly and transmits a switching request to the source NE.
2. After the source NE receives the switching request, services are switched to
the standby PW channel. The source NE transmits a confirmation message
and completes the switching.
3. After detecting the working path restoring, the sink NE transmits a switching
request to the source NE and services are switched to the working path.
4. After the source NE receives the switching request, services are switched to
the working channel. The source NE transmits a confirmation message and
completes the restoration.
Protection Parameter
Item Description
Introduction
MPLS TE FRR features quick response and timely switchover and ensures smooth
migration of service data without service interruption. The ingress node of the LSP
attempts to find a new path for re-establishing an LSP and switches over service
data to the new LSP. Before a new LSP is established, service data is forwarded
along the protection path.
Protection Principle
The components of the MPLS TE system are involved in establishing the FRR LSP
and working LSP. MPLS TE FRR is implemented based on RSVP TE and complies
with RFC 3209 and RFC 4090. Below are two modes to implement MPLS TE FRR.
In detour mode, a protection path is set up for each protected LSP. The
protection path is called Detour LSP.
In bypass mode, a single protection path is set up for multiple protected LSPs.
The protection path is called Bypass LSP.
In the network shown in Figure 7-2, when the link between RTB→RTC fails or
node RTC fails, data on the primary LSP is switched to the Bypass LSP. The
headers of packets transmitted from RTB use the labels allocated by RTF for
RTB and the outgoing label of RTC is encapsulated in the label stack.
On the path RTB→RTF→RTD, the LSP uses two labels. After RTD receives
packets and the label allocated by RTD for RTF is displayed, the label allocated
by RTD for RTC is still used in forwarding.
In detour mode, each LSP is protected independently and therefore the overhead is
high. In actual service, the bypass mode is widely used.
Introduction
VPN FRR protection reduces route convergence time by presetting the active next
hop and standby next hop on the PE. In this way, when the PE node fails on the CE
dual-homing network, end-to-end fast convergence of services can be implemented.
Protection Principle
As shown in Figure 7-3, PE A sets PE B to the active next hop and sets PE C to the
standby next hop. Under normal conditions, the access path from CE A to CE B is CE
A→PE A→PE B→CE B. After the PE node becomes unreachable when PE B or an
external tunnel of the active route fails, PE A uses the standby route for forwarding.
The access path from CE A to CE B is CE A→PE A→PE C→CE B.
Introduction
After a link fails, route reconvergence often takes several seconds, during which
services are interrupted. IP FRR protection fills in the time gap of route convergence
by setting a backup link so that switching time for service protection can be
shortened to less than 50ms.
Protection Principle
IP FRR protection involves primary path, sub-optimal path and backup path.
• Primary path is the optimum path. When the network is stable and routes are
converged, traffic is forwarded on the primary path.
• Sub-optimal path is a path whose routing cost is greater than that of the primary
path. When the primary path fails, routes are converged on the sub-optimal
path.
Under normal condition services are forwarded on the primary path between RTA
and RTB. When the primary path fails, the protection process is as follows:
2. RTA switches the path and data message is redirected to the backup path
between RTA and RTD for forwarding.
4. Route re-convergence starts after BFD detects that primary path restores and
data message is re-switched to the restored primary path for forwarding.
Note:
If the sub-optimal path is the same as the preset backup path, data
message redirection is not performed in step 3.
IP FRR protection enables services to be switched over to the preset backup path
after the primary path fails to fill in the route convergence time gap and ensure
services are not interrupted.
Introduction
When LDP is in the Downstream Unsolicited, ordered label control and liberal label
retention mode, the LDP FRR protection sets up a standby LSP by generating a
label forwarding table entry for the label map of the designated backup interface or
backup next-hop. When the network runs normally, the active LSP forwards; when
the active LSP fails, the standby LSP forwards. In this way, LDP FRR
guarantees non-stop forwarding of services before the network
converges.
Protection Principle
When the LDP is in the DU (Downstream Unsolicited), ordered label control and
liberal label retention mode, the label distribution router saves all received
label mappings for any type of FEC (Forwarding Equivalence Class), but only the
label mapping sent by the next hop corresponding to the FEC generates a
label forwarding table entry.
With the aid of LDP, LDP FRR also generates a label forwarding table entry for
the label mapping of the designated backup interface or backup next hop, which is
equivalent to setting up a standby LSP when the standby label is saved. The label
distribution router can respond promptly to router changes and switch to the
standby label, so as to complete the switching protection when network faults occur.
On a ring network, when a transmission segment such as the optical fiber fails,
network management information is automatically transmitted over the supervisory
channel in the other direction. This does not affect network management. Figure 7-5
shows the automatic backup of network management information channels in a ring
network.
If both ends of a site on an optical fiber segment fail, or an optical fiber segment in a
point-to-point network or chain network fails, the supervisory channels for network
management information also fail. The network administrator cannot obtain
information about failed sites or operate these sites. To avoid such problems, a
protection channel must be deployed for network management information.
Function Implementation
The CiTRANS R810 Series router can provide a protection channel for network
management information through the data communication network. Between two
NEs to be protected, a router is configured and connected to the data
communication network to establish a protection channel. When the network runs
properly, network management information is transmitted over the main channel.
See Figure 7-6.
When the main channel becomes faulty, the NE automatically switches over the
network management information to the protection channel. This ensures that the
network management system monitors the entire network. The switchover process
is completed automatically without manual intervention. Figure 7-7 shows backup of
network management channels.
Figure 7-7 Backing up Network Management Information Channel (Active Channel Fails)
Note:
The following introduces the network security protocols and functions supported by
the CiTRANS R810 Series router.
8.1.1 ACL
An ACL is a list of permit and reject statements. It applies to addresses and upper-
level protocols. ACLs are used to control traffic passing a network.
The CiTRANS R810 Series router provides ACLs using a standard quintuple
(source IP address, destination IP address, IP protocol, source port, and destination
port), and supports access control based on MAC addresses (including the source
and destination MAC addresses). ACLs can be configured to take effect in the entire
equipment or just on its ports.
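The quintuple and MAC matching described above, with rules scoped either to the whole equipment or to one port, can be modelled as follows. This is an added example, not the product's implementation: first-match evaluation, the implicit reject default, and every address, MAC and port name are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Packet:
    in_port: str
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    proto: int          # IP protocol number: 6 = TCP, 17 = UDP
    sport: int
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                               # "permit" or "reject"
    src_ip: Optional[str] = None              # CIDR; None matches anything
    dst_ip: Optional[str] = None
    proto: Optional[int] = None
    sport: Optional[Tuple[int, int]] = None   # inclusive port range
    dport: Optional[Tuple[int, int]] = None
    src_mac: Optional[str] = None
    dst_mac: Optional[str] = None
    port: Optional[str] = None                # None = whole equipment

    def matches(self, pkt: Packet) -> bool:
        def in_net(cidr, addr):
            return cidr is None or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)

        def in_range(rng, value):
            return rng is None or rng[0] <= value <= rng[1]

        def same_mac(want, got):
            return want is None or want.lower() == got.lower()

        return (
            (self.port is None or self.port == pkt.in_port)
            and in_net(self.src_ip, pkt.src_ip)
            and in_net(self.dst_ip, pkt.dst_ip)
            and (self.proto is None or self.proto == pkt.proto)
            and in_range(self.sport, pkt.sport)
            and in_range(self.dport, pkt.dport)
            and same_mac(self.src_mac, pkt.src_mac)
            and same_mac(self.dst_mac, pkt.dst_mac)
        )


def evaluate(rules, pkt, default="reject"):
    """Return (action, index of the deciding rule), index None for the default."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


# Constructed policy: only the NMS subnet may poll the router's management address.
RULES = [
    Rule("permit", src_ip="192.0.2.0/24", dst_ip="10.0.0.1/32", proto=17, dport=(161, 161)),
    Rule("reject", dst_ip="10.0.0.1/32"),                    # everything else to management
    Rule("reject", src_mac="02:00:00:00:00:99", port="GE1"),  # port-scoped MAC block
    Rule("permit", src_ip="10.2.0.0/16"),                    # customer traffic
]

# Constructed sample packets.
NMS_POLL = Packet("GE2", "02:00:00:00:00:10", "02:00:00:00:00:01",
                  "192.0.2.10", "10.0.0.1", 17, 40000, 161)
CUSTOMER_SSH = Packet("GE2", "02:00:00:00:00:20", "02:00:00:00:00:01",
                      "10.2.0.5", "10.0.0.1", 6, 51000, 22)
BLOCKED_ON_GE1 = Packet("GE1", "02:00:00:00:00:99", "02:00:00:00:00:01",
                        "10.2.0.9", "10.3.0.1", 6, 51001, 443)
SAME_MAC_ON_GE2 = Packet("GE2", "02:00:00:00:00:99", "02:00:00:00:00:01",
                         "10.2.0.9", "10.3.0.1", 6, 51001, 443)
UNKNOWN_SOURCE = Packet("GE2", "02:00:00:00:00:30", "02:00:00:00:00:01",
                        "203.0.113.5", "10.3.0.1", 6, 51002, 80)

if __name__ == "__main__":
    for name, pkt in [("NMS poll", NMS_POLL), ("customer SSH", CUSTOMER_SSH),
                      ("blocked MAC on GE1", BLOCKED_ON_GE1),
                      ("same MAC on GE2", SAME_MAC_ON_GE2),
                      ("unknown source", UNKNOWN_SOURCE)]:
        print(name, evaluate(RULES, pkt))
```

Under first-match evaluation, placing the broad reject ahead of the SNMP permit would shadow the permit, so rule order is part of the policy and should be reviewed with it.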
The CiTRANS R810 Series router supports hierarchical CAR functions. It uses two
coloring modes: color-blind and color-aware.
By default, the principle of traffic bandwidth control discards red packets and allows
yellow and green packets to pass.
• Measures the inbound and outbound traffic of access users and tunnels when
the CiTRANS R810 Series router functions as a PE on the L2VPN and L3VPN.
The CiTRANS R810 Series router supports DiffServ. It completely implements PHB
defined in the standard on the MPLS network so that carriers can provide services
of differentiated QoS levels for users.
During data forwarding, the CiTRANS R810 Series router maps user priorities and
PW priorities carried in received packets to PHBs, and PHBs in forwarded packets
to PW or LSP priorities.
The CiTRANS R810 Series router supports setting PHBs for VPWSs, VPWS flows,
VPLS-VSs, and LAN ports emulated over VPLS. An existing mapping table
(mapping between PHBs and PW priorities) can be used. Also, a PHB service level
can be designated.
The CiTRANS R810 Series router provides powerful attack defense capabilities.
When network congestion occurs or worsens, the CiTRANS R810 Series router
employs certain queue buffering management policies to preferentially ensure the
QoS of services with high priorities.
• Tail drop
When the queue is filled to its maximum capacity, the newly arriving packets
are dropped until the queue has enough room to accept inbound traffic.
• WRED
◦ When the number of packets stored in the output buffer area does not
exceed the threshold specified by Start, no packet is discarded.
◦ When the number of packets stored in the output buffer area exceeds the
threshold specified by End, all packets are discarded.
◦ When the number of packets stored in the output buffer area is between
the Start and End thresholds, all packets face a probability of being dropped
based on an average-queue-length function.
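The difference between tail drop and WRED under a burst can be seen in the following added example, which is not the product's implementation. The linear ramp between Start and End, the maximum drop probability, the averaging weight, the use of the averaged queue length for all three threshold tests, and the per-colour profiles are assumptions; the injectable `rand` callable exists so the behaviour can be checked deterministically.

```python
import random
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class WredProfile:
    start: float   # "Start" threshold from the text, in packets
    end: float     # "End" threshold from the text, in packets
    max_p: float   # assumption: drop probability reached at End


def drop_probability(avg_len, profile):
    """No drop up to Start, certain drop above End, linear ramp in between."""
    if avg_len <= profile.start:
        return 0.0
    if avg_len > profile.end:
        return 1.0
    span = profile.end - profile.start
    return profile.max_p * (avg_len - profile.start) / span


# Assumed profiles: yellow (out-of-profile) traffic is thinned earlier than green.
GREEN = WredProfile(start=20, end=40, max_p=0.5)
YELLOW = WredProfile(start=10, end=20, max_p=0.5)
PROFILES = {"green": GREEN, "yellow": YELLOW}


class OutputQueue:
    """Output buffer; with profiles=None it behaves as plain tail drop."""

    def __init__(self, capacity, profiles=None, weight=0.5, rand=random.random):
        self.capacity = capacity
        self.profiles = profiles
        self.weight = weight          # EWMA weight for the average queue length
        self.rand = rand
        self.avg = 0.0
        self.packets = deque()
        self.dropped = 0

    def offer(self, packet, colour="green"):
        """Try to enqueue; return True if accepted, False if dropped."""
        depth = len(self.packets)
        self.avg = (1 - self.weight) * self.avg + self.weight * depth
        if depth >= self.capacity:                      # buffer full: tail drop
            self.dropped += 1
            return False
        if self.profiles is not None:
            p = drop_probability(self.avg, self.profiles[colour])
            if self.rand() < p:                         # early, probabilistic drop
                self.dropped += 1
                return False
        self.packets.append(packet)
        return True

    def poll(self):
        """Dequeue the next packet, or None when the queue is empty."""
        return self.packets.popleft() if self.packets else None


def burst(queue, count, colour="green"):
    """Offer `count` packets with no departures; return how many were accepted."""
    return sum(queue.offer(i, colour) for i in range(count))


if __name__ == "__main__":
    tail = OutputQueue(capacity=64)
    wred = OutputQueue(capacity=64, profiles=PROFILES, rand=random.Random(1).random)
    print("tail drop accepted:", burst(tail, 100), "dropped:", tail.dropped)
    print("WRED accepted:", burst(wred, 100), "dropped:", wred.dropped)
```

Tail drop accepts everything until the buffer is full and then rejects every arrival, while WRED starts discarding before the buffer fills, which keeps headroom for higher-priority traffic during congestion.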
Queue Scheduling
When congestion occurs, the CiTRANS R810 Series router uses different queue
scheduling policies to guarantee the QoS of services with high priority.
• SP queue scheduling
Packets in queues are scheduled based on the queue priority. In this case,
packets in a lower-priority queue are sent only when those in higher-priority
queues are all sent.
Queues are fairly scheduled based on their weights assigned. Queues with
higher priority are assigned higher weights and therefore occupy more
bandwidth. Similarly, queues with lower priority are assigned lower weights and
therefore occupy less bandwidth.
Rates of the SYS/Line ports of the equipment can be limited to defend against
passing traffic attacks.
The maximum transmission unit (MTU) is configured to control the size of inbound
packets.
• Packets that contain less than 64 bytes are identified as fragments and
therefore are discarded. Local or remote collision fragments and short packets
with invalid FCSs are packets of this type.
• Packets that contain invalid FCSs and more bytes than the value defined by the
MTU (1518 in general) are identified as Jabber packets and therefore are
discarded.
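The two discard rules above can be expressed as a frame classifier. This is an added example, not the product's code. The FCS is computed as the standard Ethernet CRC-32; the separate "oversize" and "fcs_error" categories for cases the text does not name, and the sample frames, are assumptions constructed for illustration.

```python
import struct
import zlib
from collections import Counter

MIN_FRAME = 64     # bytes, from the text
MAX_FRAME = 1518   # bytes, the "MTU (1518 in general)" from the text


def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 of the frame, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def fcs_valid(frame: bytes) -> bool:
    """Recompute the CRC over everything but the 4-byte trailer and compare."""
    return len(frame) > 4 and fcs(frame[:-4]) == frame[-4:]


def classify(frame: bytes, max_frame: int = MAX_FRAME) -> str:
    """Classify a received frame (destination MAC through FCS)."""
    if len(frame) < MIN_FRAME:
        return "fragment"                  # discarded whatever the FCS says
    good = fcs_valid(frame)
    if len(frame) > max_frame:
        # Text: too long AND invalid FCS is a Jabber packet.
        # Assumption: too long with a valid FCS is reported as "oversize".
        return "oversize" if good else "jabber"
    return "ok" if good else "fcs_error"   # assumption: bad FCS is dropped


def accept(frame: bytes) -> bool:
    """Only well-formed frames within the size limits are forwarded."""
    return classify(frame) == "ok"


def build_frame(payload_len: int, corrupt: bool = False) -> bytes:
    """Constructed test frame: 14-byte header, zero payload, 4-byte FCS."""
    header = bytes.fromhex("020000000002" "020000000001" "0800")
    body = header + bytes(payload_len)
    trailer = fcs(body)
    if corrupt:
        trailer = bytes([trailer[0] ^ 0xFF]) + trailer[1:]
    return body + trailer


def summarize(frames) -> Counter:
    """Per-category counters, as an interface statistics table would keep."""
    return Counter(classify(f) for f in frames)


# Constructed sample traffic.
SAMPLE_FRAMES = [
    build_frame(46),                   # 64 bytes, minimum legal frame
    build_frame(1500),                 # 1518 bytes, maximum legal frame
    build_frame(20),                   # 38 bytes, short frame
    build_frame(20, corrupt=True),     # short frame with invalid FCS
    build_frame(1600, corrupt=True),   # too long and invalid FCS
    build_frame(1600),                 # too long, FCS intact
    build_frame(100, corrupt=True),    # legal size, invalid FCS
]

if __name__ == "__main__":
    print(dict(summarize(SAMPLE_FRAMES)))
```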
The equipment provides a policy for preventing distributed DoS attacks from
overspreading.
The equipment supports the unicast reverse path forwarding (URPF) function. That
is, it checks whether the source IP address of a packet matches the source
interface based on the forwarding information base (FIB). If not, it discards the
packet.
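The URPF check described above, as an added example (not FiberHome code or part of the original document): the source address is looked up in the FIB by longest-prefix match and the packet is kept only if that route points out of the interface it arrived on. The FIB entries, the interface names and the use_default parameter are constructed for illustration.

```python
import ipaddress

# Constructed FIB: (prefix, interface the route points out of).
SAMPLE_FIB = [
    ("0.0.0.0/0", "uplink"),
    ("10.1.0.0/16", "lan1"),
    ("10.1.5.0/24", "lan2"),       # more specific than 10.1.0.0/16
    ("192.0.2.0/24", "lan1"),
]

def build_fib(entries):
    """Parse prefixes and order them longest-first so the first hit is the LPM."""
    parsed = [(ipaddress.ip_network(p), ifname) for p, ifname in entries]
    return sorted(parsed, key=lambda e: e[0].prefixlen, reverse=True)

def fib_lookup(fib, addr, use_default=True):
    """Return (network, interface) of the longest matching prefix, or None."""
    ip = ipaddress.ip_address(addr)
    for net, ifname in fib:
        if net.prefixlen == 0 and not use_default:
            continue               # hypothetical option: ignore the default route
        if ip in net:
            return net, ifname
    return None

def urpf_check(fib, src, in_if, use_default=True):
    """Forward only if the route back to src leaves via the ingress interface."""
    hit = fib_lookup(fib, src, use_default)
    if hit is None:
        return ("drop", "no route to source")
    net, ifname = hit
    if ifname != in_if:
        return ("drop", f"source routed via {ifname} ({net}), arrived on {in_if}")
    return ("forward", f"source matches {net} on {in_if}")

if __name__ == "__main__":
    fib = build_fib(SAMPLE_FIB)
    # Constructed packets: (source address, ingress interface).
    for src, in_if in [("10.1.5.9", "lan2"), ("10.1.5.9", "lan1"),
                       ("10.1.7.7", "uplink"), ("203.0.113.4", "uplink")]:
        print(src, in_if, urpf_check(fib, src, in_if))
```

Two caveats show up in the sample run: a default route makes any otherwise unknown source pass on the interface it points to, and a legitimate packet that arrives on a different interface from the one its return route uses (asymmetric routing) is dropped.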
The following introduces the security protection functions provided by the CiTRANS
R810 Series router for the network management system.
Access control involves user registration and login management, management area
division, access time restriction, and remote access management. Access control
aims to prevent unauthorized users from accessing network resources, including
the OTNM2000.
u To log in to the OTNM2000, an operator must enter the user name and
password. The operator can log in only after the system confirms the user
name and password. The purpose of the access control is to check whether an
operator is an authorized user and to ensure that only authorized operators
can log in to the OTNM2000.
u The managed devices are distributed in different areas, and operators are
granted permission based on management area and management function.
Only authorized operators can access a specified area, and they can perform
management only in the authorized area. Areas can be added and
modified as required.
u The access time of users can be set as required. For example, operators are
allowed to log in to the OTNM2000 during specified time periods.
Advanced user
The system administrator is an advanced user and has permission to configure and
modify network resources. The system administrator manages the OTNM2000, and
can perform security management operations including controlling the network,
setting passwords for users, adding, modifying or deleting users, and performing log
management.
u Add, modify (user name and password), and delete lower-level users, and save
project configuration data.
Intermediate user
Intermediate users are system maintenance users responsible for system routine
maintenance. They can add or delete users of a lower level and can access and
back up data in the management information library. Intermediate users are entitled
to access the connection screen.
u Maintain the OTNM2000, perform service configuration for the equipment, and
deliver commands from the OTNM2000 to the equipment.
u Access and back up data in the database, including alarms, performance data,
log reports, and documents of lower-level users.
Operational user
Operational users are system operation users. They can only monitor the alarm
status of the system and view performance monitoring results. Operational users
can monitor various detection results, including viewing card configuration data
and active configuration data.
Limited user
Limited users can monitor the alarm status of the system, browse performance
monitoring results, and view reports. Limited users can only read data
and cannot access sensitive configuration data.
u Monitor alarms, performance, and status of the system, observe and browse
performance results. Handle alarms, such as alarm confirmation.
u Read and browse data rather than perform any operations on the OTNM2000.
The security mechanism enables the OTNM2000 to ensure data security, data
integrity and confidentiality, and to implement database security management.
u Data confidentiality: Data is protected so that unauthorized users cannot
obtain it.
Logs are operation records. After a security event occurs, logs can be used to trace
and inspect the event to find out the cause of the system security breach.
Logs automatically record login activities and key operations of users. Log
management supports the following functions:
u Records operator identities, login time, login location, operation type and
operation result.
Table 9-1 shows the technical specifications of the CiTRANS R810 Series router.
Product Type | Dimensions (Height × Width × Depth, mm) | Weight (kg) | Power consumption (W) | Voltage Range (V) | Rated Current (A)
See Table 9-2 and Table 9-3 for the system performance specifications of the
CiTRANS R810 Series router.
Item | Description
Ethernet service: packet loss characteristic | No packet loss in 24 hours
System switching capability | 8G
Packet Forwarding Rate | 11.904Mpps
Item | Description
Protection switching time: PW redundancy protection | < 50 ms
Protection switching time: VPN FRR protection | < 50 ms
The following introduces the interface specifications of the CiTRANS R810 Series
router.
See Table 9-4 for the GE optical interface specifications of the CiTRANS R810
Series router.
Item | Specification
Mean launched power (dBm) | -9.5 to 0 | -8 to -3 | -2 to 3 | -2 to 5 | -2 to 5
Central wavelength (nm) | 770 to 860 | 1270 to 1355 | 1275 to 1350 | 1500 to 1580 | 1500 to 1580
Overload optical power (dBm) | 0 | -3 | -3 | -3 | -9
Receiving sensitivity (dBm) | -17 | -20 | -23 | -23 | -31
Minimum extinction ratio (dB) | 9 | 9 | 9 | 9 | 9
See Table 9-5 for the FE optical interface specifications of the CiTRANS R810
Series router.
Item Specification
Item | Specification
Code | HDB3
Pulse type (nominal rectangular) | All marks of a valid signal must conform with the mask in ITU-T Rec. G.703 irrespective of the sign.
Return loss at the output port | Frequency range: (51kHz to 102kHz)≥6dB; (102kHz to 3072kHz)≥8dB
Return loss at the input port | Frequency range: (51kHz to 102kHz)≥12dB; (102kHz to 2048kHz)≥18dB; (2048kHz to 3072kHz)≥14dB
The CiTRANS R810A provides input and output interfaces for external clocks.
Table 9-7 lists the clock interface specifications.
u Frequency accuracy
Table 9-8 and Table 9-9 describe the clock drift in locked mode.
Table 9-8 Drift at Constant Temperature (MTIE)
40 ns | 0.1 < t ≤ 1
40t^0.1 ns | 1 < t ≤ 100
25.25t^0.2 ns | 100 < t ≤ 1000
3.2 ns | 0.1 < t ≤ 25
0.64t^0.5 ns | 25 < t ≤ 100
6.4 ns | 100 < t ≤ 1000
The storage environment requirements of the CiTRANS R810 Series router are as
follows:
The operating environment requirements of the CiTRANS R810 Series router are as
follows:
The transport environment requirements of the CiTRANS R810 Series router are as
follows:
u The equipment set is covered with a plastic film, and its top, middle and bottom
parts are wrapped with shockproof packing foam. A wooden case is used as the
outer packaging.
9.6 Standard
The following introduces the standards that the CiTRANS R810 Series router
complies with.
The CiTRANS R810 Series router complies with the EMC standards listed in
Table 9-10.
Number | Title
ETSI EN 300 386 | Electromagnetic compatibility and Radio spectrum Matters (ERM); Telecommunication network equipment; Electromagnetic Compatibility (EMC) requirements
ITU-T K.43 | Immunity requirements for telecommunication equipment
The CiTRANS R810 Series router complies with the safety standards listed in
Table 9-11.
Number | Title
EN 60825-1 | Safety of laser products - Part 1: Equipment classification and requirements
IEC 60825-2 | Safety of laser products - Part 2: Safety of optical fibre communication
9.6.3 Availability
The availability of the CiTRANS R810 Series router complies with the National
Standard GB/T15941.
AC Attachment Circuit
ACL Access Control List
APS Automatic Protection Switching
BC Boundary Clock
FR Frame Relay
GR Graceful Restart
GRE Generic Routing Encapsulation
IC Integrated Circuit
IP Internet Protocol
IPSec Internet Protocol Security
MA Maintenance Association
MAC Media Access Control
MC-LAG Multi-chassis Link Aggregation Group
MD Maintenance Domain
MDF Main Distribution Frame
MEF Metro Ethernet Forum
MEN Metro Ethernet Network
MEP Maintenance End Point
OC Ordinary Clock
SN Serial Number
SNCP Sub-network Connection Protection
SNP Sequence Number Packet
SP Strict Priority
TC Transparent Clock
VC Virtual Channel
VC Virtual Circuit
VLAN Virtual Local Area Network
VPLS Virtual Private LAN Service
VPN Virtual Private Network
VPRN Virtual Private Routing Network